Investigation underway after 72M Under Armour records surface online

Under Armour is investigating a data breach after 72M customer records were posted online by a cybercriminal. The stolen data, linked to a November breach claimed by the Everest ransomware gang, includes millions of email addresses and personal information such as names, dates of birth, genders, geographic locations, and purchase information.

According to Have I Been Pwned, the Everest ransomware group claimed Under Armour as a victim in November 2025, stating they obtained access to 343GB of data. In January 2026, customer data from that incident was published on a popular hacking forum.

Under Armour has confirmed it is investigating the breach with external cybersecurity experts and states that payment systems and passwords were not affected. A very small percentage of customers may have had sensitive information exposed.

To read the complete article, see: Security Affairs .